Auth::logout 每次退出都有修改 token？

This functionality is only useful when u use the remember me functionality which purpose is to help against Remember Me cookie hijacking.

The value is refreshed upon login and logout. If a cookie is hijacked by a malicious person, logging out makes the hijacked cookie useless since it doesn't match anymore.

Study the source code, u will understand:

• When u login, u will go through the steps in the vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php
  as below:

• 

• When u logout, u will go through the steps in the vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php
  as below: